Posts Tagged ‘/dev/urandom’

The fact that I always try to use open source softwares makes me to find new softwares and try them to see if they can solve my problems and do the job or not. Times ago, I had tried flashrom project to see if it can update my bios chip or not and the answer was NO ! Your chipset is not supported yet !

Later on, it was about May 2009 which I found a program which could change the boot logo of Phoenix bios images and I recalled flashrom. It was interesting that this time it said “Yeah, Your chip is now being supported! :)”. I made it to read my Bios image and the result was a real and valid phoenix image which I could change it. After making a new image, running flashrom to write it finished without any warnings or errors. I read the image again and Boom ! It was neither the original bios, nor the new one.

This is exactly where my first email went up online on the community’s mailing list and I knew that any invalid act which yields to rebooting the laptop is going to kill it. :

I tried the latest svn version (6 May 09) of flashrom and unlike older versions didn’t get a warning on my chipset. flashrom reads my chip successfully and outputs a fine Phoenix bios. After writing a new image into the chip

I found that writer is not fully functional and reading the chip again results in an image that is neither original one nor the new image. then I tried erase functionality and it resulted in some 0xFF and some unchanged bytes in the chip. Currently writing either images doesn’t change the chip and it remains in mostly 0xFF bytes.

Most of open source project maintainers use IRC as their collaboration and communication channel both with themselves and community. I went online and Peter one the maintainers was online but he wasn’t the person responsible for ICH7 series chipsets, So I had to wait for Carl to come online. It was midnight in Iran and I went to bed leaving the laptop up and running. Next morning I found Carl and after working with him to find the problem, he suggested to try AAI type of Chip-Programming. It was a time consuming task and I had to go for an important session, So I left home.

When I returned back, I got no good results of AAI. The wonderful part of story is that my little sister had played with my laptop, when I was out, and didn’t power it off, so that I don’t get noticed she touched my laptop without permission. 😀

Carl reviewed the data-sheets for my Bios chip and found that It doesn’t support writing multiple bytes at a time. Finally he sent me some patches and the last patch wrote the image successfully. I worked a few more hours to finalize the patch and sent some verification emails so that Carl can commit them to the main version tree (And got acknowledges for helping to track down the bug ! 😉 ).

It was an amazing experience of active community support and I should really thank Carl-Daniel Hailfinger, Peter Stuge and all other active maintainers of open source projects.

The second agreement on serious programming errors have just taken place and computer science professionals reached to a formal agreement on top 25 programming errors. The main idea for such a list is to help and educate programmers to prevent kinds of vulnerabilities that are reason for almost all cyber attacks.

The 2010 CWE/SANS Top 25 Most Dangerous Programming Errors is a list of the most widespread and critical programming errors that can lead to serious software vulnerabilities. They are often easy to find, and easy to exploit. They are dangerous because they will frequently allow attackers to completely take over the software, steal data, or prevent the software from working at all.

The list for 2010 bears a striking resemblance to last year’s list that SANS organization released. Note that Cross-site scripting (XSS) attack and SQL Injection are still listed as top pitfalls.

You know about effects of advertisements in business context. When a new product is born, the company not only needs to introduce the product, but also should make demands for it. You see lots of things we’re using on a daily basis which aren’t really necessary and our predecessors were living happily without most of them. I don’t ignore the technology and the simplicity of human life caused by it but have you ever noticed your status before and after an advertisement for a cool product ? You were living without it, but after you knew about the product and the way it was shown to you, You would think about it and the way you can reach it !
Yes, Its trivial and wise, a common property of human kind.

But I was thinking about the way of life we choose for ourselves, in most cases we don’t take decisions based on a predefined road-map. Evidently there are lots of advertisements around us for different kind of tasks we can choose to do. As an example when you meet a musician playing a really beautiful and nice music, what your eyes see and your ears hear is considered as an advertisement for the music art/task. In such a situation, if there doesn’t exist any predefined road-map, you’ll choose to become a musician, or at least you would think about it. Or when you meet a poet or a computer scientist or a professional doctor that have chosen their jobs based on interest and have devoted their life into what they really like.

The above sentence might seem wrong since when you meet the musicians you usually don’t sense any effects or interests. Probably you haven’t meet the one who can really introduce/advertise their fields of interests correctly. Profession in a task is not considered as a prerequisite for advertising it, but it does actually help and is important. The other reason you might be affected by already, is that your current way of life forces you to do an specific task to gain some goods and you don’t want to risk and leave the current one for a new and interesting field.

It seems odd, since you’re judging about your self and claim that you have an interesting predefined map, but have you ever asked yourself What way exactly you’ve chosen the current one. Or What other fields you have ignored to choose this one ? How did you decide ? There is a time frame in everybody’s life time, in which he or she is not forced to do something and he can select among the fields or interests that are being advertised around him.

I want mainly conclude about the parameters affecting a person while he or she is in such a situation. Normal people usually obey the “what comes best and first algorithm” (AKA Greedy algorithm in computer science), ignoring the long time effects and so. Wise people usually list the different factors in their mind and consider the long time effect of each one, Sum it up and decide. The interest might be considered as one the factors beside the others.

And finally the Exceptional group of people, look only at their interests and choose the way, they are really interested in right away, While ignoring other parameters such as monthly rate for the job, reputation and popularity and the reflections in people’s mind, and so. They only consider them selves (and yes, this means they’re very selfish in this case) and won’t let other people and parameters choose their way of life.